Technical Manual

ICT220

Ingenico - 190-192 avenue Charles de Gaulle - 92200 Neuilly-sur-Seine Tl. 33(0)1 46 25 82 00 - Fax 33 (0)1 47 72 56 95 - ingenico@ingenico.com

Content

1. Equipment ___________________________________________________ 4
1.1. General hardware description ___________________________________________4
1.1.1. Main characteristics of ICT220 Countertop terminal___________________________________ 4 1.1.2. Other characteristics____________________________________________________________ 4

1.2. Detailed terminal characteristics _________________________________________ 7

1.2.1. Processors ____________________________________________________________________ 7 1.2.2. Data security __________________________________________________________________ 8 1.2.3. The isolation mechanism by electronic locking system ________________________________ 9 1.2.4. Smart card readers ____________________________________________________________ 10 1.2.5. SAM readers (Security Access Module) _____________________________________________12 1.2.6. Magnetic stripe card reader ______________________________________________________12 1.2.7. Keypad Navigation pad ________________________________________________________13 1.2.8. The display screen_____________________________________________________________ 14 1.2.9. Printer ______________________________________________________________________ 15 1.2.10. Modem _____________________________________________________________________ 16 1.2.11. Power supply unit ______________________________________________________________17 1.2.12. External links __________________________________________________________________17 1.2.13. Buzzer ______________________________________________________________________ 19

2. Software____________________________________________________ 20
2.1. Software architecture_________________________________________________20 2.2. Memory space allocation ______________________________________________ 21 2.3. Software security management_________________________________________ 22 2.4. Operating system ____________________________________________________ 22
2.4.1. Bootstrap ___________________________________________________________________ 22 2.4.2. Operating system (OS) characteristics ____________________________________________ 22

2.5. Manager____________________________________________________________ 23
2.5.1. Terminal initialisation __________________________________________________________ 23 2.5.2. Terminal maintenance _________________________________________________________ 24

2.6. Software downloading ________________________________________________26

2.6.1. Downloading _________________________________________________________________ 26

Technical Manual ICT220 2/36 Copyright 2009 Ingenico All rights reserved

2.6.2. LLT(Local Loading Tool) ________________________________________________________ 26 2.6.3. Downloading by USB key _______________________________________________________ 26 2.6.4. TMS (Terminal Management Server)______________________________________________ 27 2.6.5. Downloading and managing memory allocation in the terminal ________________________ 27 2.6.6. Improved software downloading ________________________________________________ 27 2.6.7. Starting the downloading_______________________________________________________ 27

2.7. Development workstation _____________________________________________29

3. Terminal management system - TMS ____________________________ 30

3.1. Introduction_________________________________________________________30 3.2. Basic functions ______________________________________________________30 3.3. Advanced functions __________________________________________________30 3.4. Customers savings with Ingenico TMS solution ____________________________ 31

4. Services_____________________________________________________ 32 5. Standards ___________________________________________________ 33 6. Documentation ______________________________________________ 34

Technical Manual ICT220 3/36 Copyright 2009 Ingenico All rights reserved

1. Equipment
The ICT220 is the first terminal of the new Ingenico ready to stay in the market for long. It puts together power of new processor, latest security, fast printer, large memory and best design for keyboard with its large keys, display and its general casing. It is a countertop, with wires for power supply or to communicate (Ethernet or Modem). But this terminal is suitable for both the merchant and customer as it can be handling very easily, especially equipped with its Magic Box. ICT220 is: powerful, highly secure, very robust, very reliable, easy to operate.

1.1. General hardware description

1.1.1. Main characteristics of ICT220 Countertop terminal
RISC ARM9 32 bits running at 450 Mips RISC ARM7 32 bits running at 50Mips SDRAM : 8 Mb FLASH : 16 Mb White Backlit 128 x 64 pixel graphic display 15 keys (including 3 colour keys "Validation", "Correction" and "Cancel") 4 navigation keys White backlit yes synchronous and asynchronous Clock frequency 4.76 MHz Vcc = 5V, 3V, 1,8V Track 1/2/3 2 in standard asynchronous Clock frequency 4.76 MHz Vcc = 5V, 3V, 1,8V Modem : V22, V22bis, v29 fast connect, V32, V32bis Auto answer Fast connect 1 USB slave 1 USB master 1 RS232 1 telephone line in Thermal printer with graphic mode Paper detection Easy loading 42 characters per line

Main processor Crypto processor Internal memory Display Keypad

Buzzer Main Smart card reader

Magnetic card reader 2 SAMs

Communications

Connections on terminal

Printer

Technical Manual ICT220 4/36 Copyright 2009 Ingenico All rights reserved

Power supply Size Weight Environnement Security Included accessories

Personalization

18 lines/second in alphanumeric print mode for a typical receipt Receipt width: 58 mm Paper roll diameter: 40 mm Paper roll length: 17m 230 V 50 Hz; External detachable power supply unit 83x185x63mm 325g (without paper, whitout cable) Operating temperature : +5C to +45C Operating humidity : 85% HR to +40C PCI PED v2.0 Power supply with European connector Power supply for other countries available on demand Telephone cable Lens Sticker on paper trap Upper cover Keypad marking

Optional on the terminal: 16Mo of SDRAM; Ethernet 10/100 BaseT. Accessories: Pinshield; Ethernet, RS232, USB host, USB slave cables; PP30S Pin-Pad; Magic Box with connector for power supply, RS232, Ethernet, telephone line.

1.1.2.

Other characteristics

Ergonomics
ICT220 is specially designed to make easier: introduction and removal of smart cards; magnetic stripe card reading; operator guiding, using navigation keys and dialogue; input on touch-effect large-key keypad; information display using large backlit screen.

Integration
Easy integration of the ICT220 in all types of business thanks to the thermal printer's silence (see details later in the document) and excellent ergonomics.

Reliability
ICT220 has been designed to make maintenance easy and to improve reliability.

Data security
Data protection characteristics: Technical Manual ICT220 5/36 Copyright 2009 Ingenico All rights reserved

 Tamper detection ; Tamper responsive ; Tamper evidence . Powerful algorithms used for encryption and authentication.

From an ultra-powerful processor through to software development

ICT220 circuit board is based on an ARM 9 processor with very large scale integration: "a circuit board in a chip". It contains a series of smart peripherals and a 32-bit ARM9 RISC processor clocked at 380 MHz, capable of remaining active with very low energy consumption levels. These manage: Actual isolation of software, essential in a multi-application context. The design of the processor ensures the integrity of the software applications and their data. Thus no application can have its data or code consulted or altered by another. Simultaneity among the various peripherals, reducing the transaction time required, for example, when printing while inputting data on the keypad. Memory space, which is directly addressable by the processor (no paging mechanism). Application development is made easier, and memory space availability is optimal. Memory space optimization was also in the design brief. The application is compressed and stored in non-volatile memory.

Software development platform

The application development platform is one of the most efficient on the market. It enables developments and debugging in "C" language in an integrated development environment.

Embedded operating system

In addition the operating system now onboard each ICT220 offers highly evolved functions such as the maintenance system, local diagnostics and remote diagnostics, functions improving after sales service and enabling efficient equipment management. See chapter 2.4 Operating system.

Download
The reduction of download time was a major requirement; it is very reduced, thanks to data compression techniques. Of course, selective downloading enables one software application to be downloaded or changed independently of the others or the system. The use of FTP TCP/IP and PPP allows download times to be optimized. Once the connection has been made with the V32b modem, the downloading of a 120 Kb software application takes about 1 min. Once IP connection has been made with SSL (Ethernet), the downloading of a 120 Kb software application takes about 2 s. The downloading with LLT or USB memory of a 120 Kb software application takes about 2 s.

Technical Manual ICT220 6/36 Copyright 2009 Ingenico All rights reserved

1.2. Detailed terminal characteristics

1.2.1. Processors
ARM9 32 bits RISC processor 380 MHz 450 MIPS ARM7 32-bit RISC processor with flash and RAM memory 57 MHz 50 MIPS Leap-year management

Main CPU Clock frequency Capacity CRYPTO CPU Clock frequency Capacity Calendar

The power of the ICT220s processors gives the following performance: 3DES less than 10s.
Algorithm Keys 1024 exp 3 1024 exp 216 + 1 2048 exp 3 2048 exp 216 + 1 RSA 0,4 ms 3 ms 1,1 ms 9 ms SDA 1 ms 8 ms 3 ms 24 ms DDA 1,5 ms 13 ms 4,5 ms 38 ms

Main CPU memory capacity

FLASH SDRAM 16 8, 16

Data storage
The ICT220 has a lithium battery. Characteristics 3 Volts 550 mAh welded
(With the following assumptions: 1,5 year storage maximum from the manufacturing date at 25 C, and 45 days / year, not powered at 25C)

Forecast duration

battery 7 years

Technical Manual ICT220 7/36 Copyright 2009 Ingenico All rights reserved

1.2.2.
1.2.2.1.

Data security
Equipment design

The terminal was designed with the goal of resisting tampering, in order to keep the confidential character of sensitive data (keys or confidential code), and to delete this data as soon as a tamper attempt is detected. All the data are inside the cryptoprocessor and are thus physically protected by the chip. This prevents the reading of secret bank keys and confidential codes. The display, keypad and smart card readers are controlled by the cryptoprocessor.

Tamper resistance
Check of lid opening; Check of keypad tampering; Check of temperature; Check of voltage; Protection against drilling; Magnetic head protection; CAM (Smart Card reader) connector protection.

Tamper detection
When tampering occurs, the terminal reacts: The cryptoprocessor deletes sensitive data, The keypad locks.

Tamper evidence
A message is displayed to alert the user.

1.2.2.2.

Software design

Software download is made secure. Only authentic, signed and certified software can be downloaded into the terminal. The software identification scheme is based on: Asymmetric encryption algorithm with public and private keys; Certified RSA cards; Software Signature Tool (SST). Application intended to be downloaded into the secure terminal must first be signed by a Software Signature Tool (SST). They can then be remotely downloaded using a TMS (Remote downloading tool) or locally using a LLT (Local Loading Tool). Once the application is downloaded, the cryptoprocessor checks the downloaded application's certificate and signature. This operation constitutes the authentication. If the downloaded application is authentic, it is accepted. Technical Manual ICT220 8/36 Copyright 2009 Ingenico All rights reserved

NOTE: "LLT" and "TMS" solutions are described in the section "Software downloading".

1.2.2.3.

User design

The product has to be activated before any use. Once activated, the terminal is operational. Activation enables: software downloading, product security.

1.2.2.4.

Standards

Compliance with international specifications for: PCI PED 2.0 (Payment Card Industry Pin Entry Device) On-line / off-line PIN DUKPT, MK/SK, Fixed Key EMV Level 1 Version 4.0 - December 2000 EMV Level 2 Version 4.2 - June 2008

1.2.3.

The isolation mechanism by electronic locking system

Isolation
Read/write isolation is obtained by USER confinement in the application memory space. Inter-software isolation is controlled by an MMU (Memory Management Unit).

MMU features
Hardware protection; Complete inter-software protection (read/write); Code protection.

Inviolable memory protection

The controller checks each access to the memory.

The OS is inviolable and protected

The Processor distinguishes two execution worlds: USER world: software domain. SUPERVISOR world: OS domain. No software running in the USER world can access the SUPERVISOR world. This exclusion mechanism is ensured by the processor itself. Therefore the OS is inviolable, even in the case of an application bug. This system inviolability ensures that the isolation mechanism supervised by the OS always remains operational. Technical Manual ICT220 9/36 Copyright 2009 Ingenico All rights reserved

The OS ensures the inter-inviolability of software applications

The OS can decide the access rights of the USER world at any time. The MMU used by the processor enables the software's addressable space to be delimited. A software application can only write to the memory space corresponding to the scope of its data field. Any attempt to write or read in another space is immediately "trapped" by the controller, generating an exception. Thus the OS keeps a track of this incident for future use with remote diagnostics. The other software applications remain non-violated and operational. Furthermore, the software in question cannot even self-destruct, because its write access to code is denied.

1.2.4.

Smart card readers

The ICT220 is equipped with: 1 main smart card reader named CAM1. The card is always visible by the user. 2 positions for the SAM readers.

The CAM readers

Main reader CAM1: Located on the front of the terminal, it allows easy introduction and removal of the card; leaving the card always visible to the user.

CAM reader features

International standards ISO 7816. EMV Level 1 - 4.0. Smart cards and memory cards (asynchronous and synchronous). Cards accepted: asynchronous cards to standard ISO 7816 and to EMV specifications synchronous cards (possibility of specific drivers) Detection and protection against accidental removal. Specially designed ergonomic card introduction zone.
Conformity with ISO standards Protocol used Convention Clock frequency Protection ISO 7816-1, 2, 3 protocol T=0 & T=1 Direct and inverse 4.76 MHz

Detection of short-circuit or over-consumption, VCC Detection of accidental removal by interruption

Technical Manual ICT220 10/36 Copyright 2009 Ingenico All rights reserved

Power supply voltage Vcc Grip

5V, 3V & 1.8V 8 friction contacts (middle chip) Contact for card presence and removal 100,000 Separate logical outputs on contacts 4 and 8 Possibility of specific drivers development on request.

Number of operations Synchronous cards

Examples of usable cards: asynchronous T=0 asynchronous T=1 synchronous : GEM Plus: GPM 416/896 5V and compatible GPM 256 GPM 271 GPM 2k (S10) GPM 8k (S9) GFM 2k (S8) GFM 4k (S8) SIEMENS: SLE 404 SLE 4418 (S9) SLE 4428 (S9) SLE 4432 (S10) SLE 4436 SLE 4442 (S10)

ATMEL: AT88SC1003 etc Hardware and software base of the ICT220 is open and enables the development of other specific synchronous drivers.

Technical Manual ICT220 11/36 Copyright 2009 Ingenico All rights reserved

1.2.5.

SAM readers (Security Access Module)

2 SAM readers can accept cards in "microsim ID000" (minicard) format. The SAMs readers are easy to access through two access flaps.

NOTE: Synchronous cards and SAM contacts C4 and C8 are not managed. These cards are memory extensions and enable to increase the size of the files in the terminal.

1.2.6.

Magnetic stripe card reader

The ICT220 is equipped with a swipe manual reader.

Large acceptance range: Slow swipes at 10 cm/sec ; Fast swipes at 100 cm/ sec; High and low coercivity swipe reader.

Technical Manual ICT220 12/36 Copyright 2009 Ingenico All rights reserved

Reader type Tracks read Card formats accepted Card swipe speed Reading error rate Card slot Head lifespan

Manual Track: ISO2 - ISO1 ISO3 ISO 7810, 7811-1, 2, 3, 4 & ISO 7813 10 cm/s to 100 cm/s < 0.5% On the upper side of the ICT220 300,000 swipes

1.2.7.

Keypad Navigation pad

Navigation pad 4 navigation keys for dropdown menus; backlit.

keypad Numeric keys; Keys with alphanumeric marking; Key 5 and function keys with Braille bumps for visually handicapped; White backlit.
Keypad Number of keys Type Area Number of operations Pressing force Key size Key pitch backlit Tactile effect 19 Elastomer membrane About 47 cm2 1 million about 250 g approx. 16,5 x 8,5 mm (width x height) approx. 20,5 x 13,5 mm (horizontal x vertical) By white LED by metallic dome

Technical Manual ICT220 13/36 Copyright 2009 Ingenico All rights reserved

Alphanumeric input
The ICT220 enables the input of alphanumeric characters on its keypad. This input is made easier with the keypads screen-printed alphabetic characters.

1.2.8.

The display screen

Graphic monochrome 128 x 64 pixels Active zone: 59,5 x 33,1 mm White backlit FSTN technology

Display Type Diagonal dimension Display area Number of pixels Character size (exemple) 21 char/line* 16 char/line* 12 char/line* Technology Assembly Protection Screen 6 x 8 pts 8 x 10 pts 10 x 12 pts

128 x 64 LCD 2.7 inches 59,5 x 33,1 mm 128 x 64

3,08 x 3,70 mm 4,12 x 4,63 mm 5,15 x 5,56 mm FSTN Clipped on frame inside terminal By PMMA window Transflectif

* The number of characters per line mentioned is for illustration, and it depends on the character font used.

Technical Manual ICT220 14/36 Copyright 2009 Ingenico All rights reserved

1.2.9.

Printer

Easy and fast paper loading

Bar type thermal printer Silent < 56 dB 1 m. Fast: 24 characters/line, About 18 lines/second in alphanumeric print mode (standard receipt), Fast paper-advance function: More than 40 mm/s. Graphics
Characters size Characters font Number of characters/line Printing attributes Printing colour Paper loading Paper presence detection Graphic mode Paper rolls: Paper color Paper width Diameter Lenght > 3 x 2 mm (H x l) Software defined 24 in standard modes Modes: condensed (48 characters/line), bold, double height, double width Black Easy paper loading system Optical sensor Definition of graphic characters or LOGOS 384 pixels/line White 58 mm 40 mm about 18 m

Technical Manual ICT220 15/36 Copyright 2009 Ingenico All rights reserved

1.2.10. Modem
Modem V22, V22bis, V29 Fast connect, V32, V32bis, (respectively 1200, 2400, 9600, 14400 bauds); V34 available on option (might be in standard later on). Full duplex synchronous or asynchronous; Full software setting; AT compatible; Built in the terminal, communicates with PSTN; Galvanic isolation 2500 V / 1 min ; Responder, Initiator, busy line detection; Fast connect.
Dialer Possible use of private exchanges DTMF dial-up according to 4 software set levels Pulsed dial-up Checking of routing and tones V29 Fast connect, V32bis, V32 V42, V42b, MNP4 & MNP5 V22 b, V22 ( variant B), - Full duplex - asynchronous - synchronous Software set

Electronic interface

Framing Emission levels Reception levels Line quality Protection

Software set Operation from 0 to -43 dBm; carrier loss from -43 to -48 dBm Line error rate tolerated: from 10-3 to 10-6 Line differential security: 250 V non-destructive Galvanic isolation between line interface and modem: 2500 volts /1 min Plug-in cable, length 3 m, fitted with RJ11 at both ends. Connection to network by RJ11 socket + adapter phone jack if necessary AT compatible command set Setting of DTMF emission levels, data, Framing, etc. Setting of adaptability to local network conditions Setting of dial-up characteristics (intertrains, delays, etc.) Setting using the keypad

Connectivity

Logic

Technical Manual ICT220 16/36 Copyright 2009 Ingenico All rights reserved

1.2.11.

Power supply unit

Wall-mount unit Standard, rectified regulated Meeting international safety standards

The power supply unit is adapted to the constraints and standards in force in the country of use. The characteristics of the power supply unit for Europe (not UK) are:
Input voltage Output voltage Protection Standards 230V - 50 Hz 8 V, 2 A Against surges : Thermal fuse placed on primary Against conducted interference: integrated filter Europe: CE USA: UL, CSA, CEC (in progress) Australia: C-Tick Power supply jack with safety catch Straight flexible cable About 1,8 meters long between ICT220 and power supply, plug in on ICT220 side. 115 g approx 77 x 25 x 89 mm (L x w x h)

Mechanical interface

Weight Dimensions

1.2.12. External links

Rs232 version

Phone line Port USB slave (USB B - function) USB master (USB A - host) Conform to USB2.0 (full speed) Simplified RS232

Technical Manual ICT220 17/36 Copyright 2009 Ingenico All rights reserved

RS232 & Ethernet version

Phone line Port USB slave (USB B - function) USB master (USB A - host) Conform to USB2.0 (full speed) Ethernet (for network) Simplified RS232

USB Slave Electronic interface Number of wires USB slave 1= 5V 2= D 3= D+ 4= GND USB type B jack 12 Mbps max Local downloading tool Point of sale integration USB master Electronic interface Number of wires USB master 1= 5V regulated 250 mA (*) 2= D 3= D+ 4= GND USB type A jack Low speed : 1,5 Mbps High speed : 12 Mbps Check reader equipped with USB PP30S, P30 Fingerprint sensor Contactless target, external modem,

Mechanical interface Logical interface Connection examples

Mechanical interface Logical interface Connection examples

(*) 250 mA max available on USB compatible with Pin-Pad P30 and PP30S. USB conform USB2.0 (full speed)

Technical Manual ICT220 18/36 Copyright 2009 Ingenico All rights reserved

Ethernet (according the terminal type) Electronical interface IEEE 802.3 Number of wires 1 = RX2 = RX+ 3 = TX4 = TX+ Mecanical interface Modular jack 4 points RJ11 Logical interface Compatible 10Mbps and 100 Mbps Connection examples ADSL box,

COM0 (according the terminal type) Electronical interface RS232 Simplified Number of wires RTS RX TX GND Available power supply 5V * Mecanical interface mini-USB type B jack 1 = 5V (*) 2 = Tx 3 = Rx 4 = RTS 5 = GND Logical interface Connection examples 300 - 115 kbps Software set Framing Local downloading tool Cash register Check reader Computer External modem Converter box RS 485

(*) 250 mA max to share out between the two links (COM and USB master).
COM2 (according the terminal type) Electronical interface RS232 Simplified Number of wires CTS DTR RX TX GND Mechanical interface Wire to board connectors 1 = Tx 2 = Rx 3 = DTR 4 = CTS 5 = GND Logical interface 300 - 115 kbps Connection examples Cash register Check reader Computer External modem Converter box RS 485

1.2.13. Buzzer
Control by applications. Power greater than 55 dB to 1 meter. Frequency set by software. Technical Manual ICT220 19/36 Copyright 2009 Ingenico All rights reserved

2. Software
The terminal has a software architecture that supports several applications coexisting without mutual interference. The OS is multitask, real-time and pre-emptive. The inputs/outputs are managed under interruptions. This means the peripherals can be processed simultaneously, and thus improves the terminal's performance. It can be downloaded to FLASH memory.

2.1. Software architecture

Technical Manual ICT220 20/36 Copyright 2009 Ingenico All rights reserved

The software architecture is divided into three levels: System Multi-application manager Independent applications The system manages access to all the terminal's peripherals. Access is completed via standard C primitives for all the input/output peripherals (keypad, printer, etc.) and via specific primitives for other peripherals (smart cards and magnetic stripe cards). Further, the system takes charge of memory management. It allocates memory space to the software applications and controls access. The multi-applications manager is the entity that calls on the various applications downloaded in the terminal in response to the various events that occur in the terminal. The applications are modeled around the demands made by the multi-applications manager. Each request or input point represents a processing operation to be performed. Each application manages the execution of these processing operations according to its specifications. This standardization based on input points simplifies the implementation of the applications on terminals. The ICT220 provides natural access to the modularity concepts and improves the maintainability and quality of the applications.

2.2. Memory space allocation

This part describes the memory usage as it is known at the present moment, this is subject to change. Exemple of a rough memory space allocation for a 16MB Flash + 16MB SDRAM configuration. Applications ~ 10.7 MB Applications Data ~10 MB 10 MB

SSL ~0.7 MB EMV ~0.4 MB Telium 2 Manager ~1.1 MB 4.2 MB OS + Drivers ~3.1 MB 16 MB SDRAM 1.1 MB

Applications code ~3 MB 6 MB System code ~2.95 MB

16 MB FLASH

Technical Manual ICT220 21/36 Copyright 2009 Ingenico All rights reserved

2.3. Software security management

The terminal is designed to execute authentic software only and to this in a ranked context. The terminal performs the following checks During a software download, the terminal checks: Its authenticity, by checking its signature with the RSA algorithm with RSA-2048 algorithm. Before running a software, the terminal checks: Its presence by looking for the softwares identity. Its integrity by checking checksums and CRCs.

2.4. Operating system

2.4.1. Bootstrap

Bootstrap is resident. The bootstrap very briefly takes control of the terminal following each powering up to perform the initialization and the self-test. Then it automatically runs the OS which in turn starts the applications manager. Thus the Bootstrap provides the following functionalities: Memory and checksum self-test; Local download of the OS if absent; OS authenticity check and start-up.

2.4.2.

Operating system (OS) characteristics

The OS is downloaded (locally or remotely) into the memory. It is upgradeable. After a few fractions of a second following powering up, it takes control. It checks the presence, integrity and authenticity of the system components and application present in the terminal. The maintenance subsystem takes control in the following cases: if no authentic application is present; or if a manual action by the operator is made when powering up; or if it is activated by application. The maintenance subsystem ensures, among other things, the downloading of the applications. The OS ensures the start of the multitask core and then runs of the application by making a set of services available to them:

Technical Manual ICT220 22/36 Copyright 2009 Ingenico All rights reserved

 Multitask management: Availability of a pre-emptive real-time environment, based on interruptions, events and mail boxes. This management enables simultaneous processing, which improves the terminal's performance. Input/output management: This is carried out under interruptions, generally in buffered mode. Thus, the applications developer enters a "conventional" C context. System alarms management: Certain incidents (e.g. swipe card reading error) detected by the OS are recorded. They can be used later by the maintenance subsystem during remote or local diagnostics. Application alarms management: A number of incidents detected by the applications can be saved by the OS at their request. This recording is used later as in the case of system alarms. Application isolation management: The OS provides the mechanisms described in the section on software isolation and memory protection. Between software isolation is managed by an MMU (Memory Management Unit). Applications download management: The OS offers the downloading services described in the section "Software download"

2.5. Manager
The main functions offered by the manager are the following: Application management; Terminal initialisation; Terminal maintenance; Card recognition and routing to the application. When EMV DC module is present, it selects the application: EMV applications (conform with EMV level 2); non EMV applications.

2.5.1.
2.5.1.1.

Terminal initialisation
Operating requirements

To function, the terminal has to be equipped with its OS, the applications manager and at least one application. If one of the three components is missing, the terminal warns the operator who has to load it.

Technical Manual ICT220 23/36 Copyright 2009 Ingenico All rights reserved

If no application is initialized, the applications manager displays a message asking for an application to be initialized. If at least one application is initialized, the terminal is operational. The applications manager then awaits an event to poll the software applications loaded in the terminal.

2.5.1.2.

Common parameters Initialisation

The applications manager is used to initialize the common parameters: Date, time, message display language, phone network configuration data, Pin-pad connection, local downloading of remote diagnostics.

2.5.2.

Terminal maintenance

The terminal has maintenance functions for: Properties; Local downloading; Diagnostics.

2.5.2.1.

Properties

The properties function is used to print the following tickets: List of applications downloaded into the terminal: version number, checksum, etc. The applications manager prints this information for itself and for the operating system; Applications call time: remote collect, download, etc; Total number of transactions in each application file contained in the terminal.

Technical Manual ICT220 24/36 Copyright 2009 Ingenico All rights reserved

2.5.2.2.

Download

The downloading function uses the parameters downloaded during the initialization of the application manager. The program update function is used to update the terminal by: Using a special local downloading tool connected to the terminal; Using a remote downloading tool; Using a USB key.

2.5.2.3.

Diagnostics

The diagnostic is used for: Local diagnostics saving consists of two groups of items: Incident counters: used for repetitive-type incidents, when only the number of occurrences is of use, e.g. the number of incorrect swipe readings. Exceptional events. The information content depends on the type of incident. Generally this is the date and time, and then information on the incident itself. These events are saved in a revolving file where the most recent are kept. Remote diagnostics This allows the operator to make a call to the server to transfer information saved in the terminal. The server can thus enrich a database for ensuring efficient monitoring of equipment, propose preventive maintenance services, operating statistics, etc.

Technical Manual ICT220 25/36 Copyright 2009 Ingenico All rights reserved

2.6. Software downloading

2.6.1. Downloading

Software can be downloaded: Locally via the serial port (COM or USB). Remotely via the switched telephone network (PSTN) X25 Ethernet TCP/IP network. By a USB key. The techniques used: data compression; authenticity checking; memory allocation management, etc. best optimize the downloading operations. Hence savings in downloading time, use security, ease of upgrade, and number of software programs installed in the terminal.

2.6.2.

LLT(Local Loading Tool)

The LLT is used for local software downloading. The LLT is comprised of: PC running Windows XP/ 2000 / NT4, Vista; Ingenico downloading software; PC-terminal connection cable. Local downloading is carried out: Using the PC with the LLT installed, on the USB slave port; Automatic switching to the local loader of the OS. Possible connection by USB slave port: speed about 8 Mbps. Selection of the software to download is guided on the PC screen using an Explorer-type windowing system (Windows Loader). The downloading time of a 1Mo application is 4s by USB port.

2.6.3.

Downloading by USB key

Downloading by USB key allows the downloading without any other tool. Downloading time is equal to USB.

Technical Manual ICT220 26/36 Copyright 2009 Ingenico All rights reserved

2.6.4. TMS (Terminal Management Server)

See Chapter 3 Terminal management system TMS.

2.6.5.

Downloading and managing memory allocation in the terminal

Before the downloading, the system checks that the memory space is available. Software downloading (possibly compressed) is done into flash. If software is deleted, the system frees the space. If software is upgraded, the system downloads the new software, checks it and then deletes the old. The whole memory zone remains used and usable. No zone is reserved for upgrades. When the terminal starts up (power up or reset) the applications are decompressed and the code copied into RAM.

2.6.6. Improved software downloading

Includes the following characteristics: Downloading via FTP TCP/IP and PPP for optimized downloading. V32b downloading performance is: about 14.4 kbps on the original files. Once the connection has been made with the V32b modem, the downloading of a 120 Kb application takes about 1 min. Downloading can be done by IP via Ethernet on a SSL secured channel. Data compression according to algorithm based on the Lempel-Ziv method ensuring compression rates of about 40%. For downloading, only the improved application will be downloaded. In addition, the terminal manages this and not the remote server, which offers operating security during multiple sources downloading. Recall management in case of communication breakdown. This service enables an interrupted downloading to be resumed at the same place where it had lost connection and only to downloading the unfinished part. The downloaded software is executed securely, using the authenticity check.

2.6.7.

Starting the downloading

The downloading can be made from: Manually: The applications manager at the merchant request Launch a downloading. This is especially the case of a program update or the addition of new software into the terminal's memory. In this case the procedure is simplified to the maximum. Technical Manual ICT220 27/36 Copyright 2009 Ingenico All rights reserved

Thus, the user starts the call from the applications manager by choosing the upgrade function from the dialogue menus and keys. Dial-up and connection to the server are automatic. For an upgrade, the user has nothing to enter. For a new software request, the user is guided on screen to make the choice. The business's ID is not requested. The ID saved in the terminal is automatically transmitted to the server. Through management application: The application at the request of the centre or the merchant. In this case, the downloading is fully automatic. The downloading ticket lets the business know. Call Scheduling: terminal can be set to call at schedule date and time to regularly check of the content is up to date.

Technical Manual ICT220 28/36 Copyright 2009 Ingenico All rights reserved

2.7. Development workstation

Introduction
The software is written in high level C language in a multi-applications environment. Ingenico makes available all the software and equipment required for development. This includes the documentation. Also, training sessions are offered.

Required configuration
The development workstation executes on a Pentium PC running under Windows 2000/XP/Vista. Integrated environment (Eclipse) takes care of the software development phases: Project creation, edition, compilation/edition of links under GNU, signature, downloading, simulation, remote debugger.

Supply
The development workstation comprises: MOS software licence which includes: Operating system, Applications software manager, Libraries, Related documentation in PDF files. User licence of SST (Software Signature Tool); User licence of LLT (Local Loading Tool); RSA Card and smart card reader for signing applications software.

Related services
Technical support Lasts 6 months following the training. It includes access to the hot-line, and to the updates of the documentation and software during this period. Software terminal package Software packages are available allowing easy development for applications (EMV level 2, )

Technical Manual ICT220 29/36 Copyright 2009 Ingenico All rights reserved

3. Terminal management system - TMS

3.1. Introduction
Ingenico developed its own Terminal Estate Management System called IngEstate. It is a link between an organisation with an estate of payment terminals and their merchants. It allows users to remotely manage payment terminals, modify their software content and interact with merchants.

3.2. Basic functions

The basic functions are: be able to locally download software on a terminal using a direct cable link (usually RS232); be able to remotely download software on a particular terminal using modems and IP connections; be able to remotely download applications and configuration updates to a large estate of terminals; be able to upload terminal configurations and check software status; be able to inform merchants when terminals are out of use during maintenance periods.

3.3. Advanced functions

The advanced functions are extremely various, with new ones being requested frequently: draw statistics and reports about terminal configurations; optimise automatic call scheduling/download balancing for large estates of terminals; be able to display written messages on the terminal, using the display or the printer; be able to easily configure a complete terminal (i.e. several applications) and to download it in one operation; be able to analyse the status of terminal software and do only delta downloads (i.e. only the parts that are damaged or need updates); be able to download to either a PIN Pad or a terminal when connected; Customise the system easily; Integrate with systems such as SAP easily; and many others.

Technical Manual ICT220 30/36 Copyright 2009 Ingenico All rights reserved

3.4. Customers savings with Ingenico TMS solution

The most obvious cost saving is not having to send a technician to service the terminal at the merchant location. Many other costs savings are derived from the ability to have a clean estate; better diagnostics and remote software repairs mean less shipping of replacement terminals, less downtime, less mail and phone communication costs, more efficient update campaigns, etc.

Technical Manual ICT220 31/36 Copyright 2009 Ingenico All rights reserved

4. Services
Training Installation and exploitation Softwares OEMC/MOS development ( days) EMV Level 2 package (2 days) Development workstation SDK Hot-line support Technical assistance Fixed cost repair of ICT220 User licence Installation and commissioning User training Hot-line support Technical assistance User licence for local loading tool, LLT User licence for applications software User licence for MOS Licence for software signature tool, SST Licence for "EMV Level 2 package " Licence for TCP/IP .

Support After-Sales Service Downloading server centre

Softwares / Licences

Technical Manual ICT220 32/36 Copyright 2009 Ingenico All rights reserved

5. Standards
ICT220 complies with: European standards on personal safety (EN 60950); European standards on the disturbance produced by equipment and immunity characteristics; Standard concerning microcircuit cards reader.

Immunity characteristics
Tests of immunity to: electrostatic discharges radio-frequency electromagnetic fields electrical fast transients/bursts surges radio disturbances Magnetic fields voltage dips, short interruptions and voltage variations Standards IEC 61000-4-2 (1995+A1/1998+A2/2000) IEC 61000-4-3 (2002 + A1/2002) IEC 61000-4-4 (2004) IEC 61000-4-5 (2005) IEC 61000-4-6 (2003+A1/2004+A2/2006) IEC 61000-4-8 (1993+A1/2000) IEC 61000-4-11 (2004)

Disturbance produced by the equipment

Conducted disturbance Radiated disturbance Limits for harmonic current emissions Limitation of voltage fluctuations and flicker Standards EN 55022 d. 1998 / A1-2000 / A2-2003 EN 55022 d. 1998 / A1-2000 / A2-2003 EN 61000-3-2 (2000+A2/2005) EN 61000-3-3 (1994+A1/2001) Details Class B Class B

Operating condition
Standards Temperature Max relative humidity (no condensation) Details +5C to +45C 85%HR at +40C

Storage condition
Standards Temperature Max relative humidity (no condensation) Details -20C to +55C 85%HR at +55C

Technical Manual ICT220 33/36 Copyright 2009 Ingenico All rights reserved

6. Documentation
Description Technical instructions Description of the software workshop Description of the Server Software catalogue Software use guide Contents Detailed description of the ICT220 Introduction workshop Introduction to the downloading server Descriptive list of the available software Using the standard functions of the software described Method of loading and downloading software into the terminal of the Detailed description of the applications software manager functions Detailed description of all the functions, messages, and tickets of the software described to the software development

Loading instructions Reference instructions

applications software manager Software reference instructions

Technical Manual ICT220 34/36 Copyright 2009 Ingenico All rights reserved

This Document is Copyright 2009 by INGENICO Group. INGENICO retains full copyright ownership, rights and protection in all material contained in this document. The recipient can receive this document on the condition that he will keep the document confidential and will not use its contents in any form or by any means, except as agree beforehand, without the prior written permission of INGENICO. Moreover, nobody is authorized to place this document at the disposal of any third party without the prior written permission of INGENICO. If such permission is granted, it will be subject to the condition that the recipient ensures that any other recipient of this document, or information contained therein, is held responsible to INGENICO for the confidentiality of that information. Care has been taken to ensure that the content of this document is as accurate as possible. INGENICO however declines any responsibility for inaccurate, incomplete or outdated information. The contents of this document may change from time to time without prior notice, and do not create, specify, modify or replace any new or prior contractual obligations agreed upon in writing between INGENICO and the user. INGENICO is not responsible for any use of this device, which would be non consistent with the present document. All trademarks used in this document remain the property of their rightful owners.

Ingenico

192 avenue Charles de Gaulle 92200 Neuilly sur Seine - France Tl.: + 33 1 46 25 82 00 - Fax: + 33 1 47 72 56 95 www.ingenico.com

Copyright 2009 Ingenico All rights reserved

DIV1302A